mirror of
https://anongit.gentoo.org/git/repo/gentoo.git
synced 2025-12-21 02:42:18 +00:00
211924340dSelection of cherry-picks from the 1.4 branch. Adjust the 1.4.8 ebuild to not apply these, just 1.4.8-r1. Signed-off-by: Sam James <sam@gentoo.org>
41 lines
1.5 KiB
Diff
41 lines
1.5 KiB
Diff
https://gitlab.freedesktop.org/pipewire/pipewire/-/commit/8f35e18d18b18b8db959793fe73fc594e5da8cd5
|
|
|
|
From 8f35e18d18b18b8db959793fe73fc594e5da8cd5 Mon Sep 17 00:00:00 2001
|
|
From: Wim Taymans <wtaymans@redhat.com>
|
|
Date: Wed, 17 Sep 2025 10:21:10 +0200
|
|
Subject: [PATCH] systemd: remove RestrictNamespaces from service file
|
|
|
|
Wireplumber loads the libcamera nodes into the pipewire server.
|
|
We need to remove the RestrictNamespaces option from the service file
|
|
to allow libcamera to load sandboxed IPA modules.
|
|
---
|
|
src/daemon/systemd/system/pipewire.service.in | 1 -
|
|
src/daemon/systemd/user/pipewire.service.in | 1 -
|
|
2 files changed, 2 deletions(-)
|
|
|
|
diff --git a/src/daemon/systemd/system/pipewire.service.in b/src/daemon/systemd/system/pipewire.service.in
|
|
index dc8db3f8f0..aeddea3008 100644
|
|
--- a/src/daemon/systemd/system/pipewire.service.in
|
|
+++ b/src/daemon/systemd/system/pipewire.service.in
|
|
@@ -18,7 +18,6 @@ Requires=pipewire.socket
|
|
LockPersonality=yes
|
|
MemoryDenyWriteExecute=yes
|
|
NoNewPrivileges=yes
|
|
-RestrictNamespaces=yes
|
|
SystemCallArchitectures=native
|
|
SystemCallFilter=@system-service
|
|
Type=simple
|
|
diff --git a/src/daemon/systemd/user/pipewire.service.in b/src/daemon/systemd/user/pipewire.service.in
|
|
index 27818b4b94..c2621e421d 100644
|
|
--- a/src/daemon/systemd/user/pipewire.service.in
|
|
+++ b/src/daemon/systemd/user/pipewire.service.in
|
|
@@ -20,7 +20,6 @@ ConditionUser=!root
|
|
LockPersonality=yes
|
|
MemoryDenyWriteExecute=yes
|
|
NoNewPrivileges=yes
|
|
-RestrictNamespaces=yes
|
|
SystemCallArchitectures=native
|
|
SystemCallFilter=@system-service mincore
|
|
Type=simple
|
|
--
|
|
GitLab
|